RSS

How-To Geek

Browser plug-ins are on their way out. Apple’s iOS has never supported plug-ins, Flash is long-discontinued for Android, and the new version of IE for Windows 8 doesn’t support most plug-ins. Chrome will soon be blocking traditional NPAPI browser plug-ins.

The web isn’t going in reverse and losing features. There’s a good reason browser plug-ins are going away, and the web will be better once they’re gone. Browser developers are integrating plug-in features into browsers themselves.

Why Browser Plug-ins Were Created

Browser plug-ins were very necessary when they were created. At the time, browsers were fairly immature. Worse yet, browser development eventually came to a standstill. Microsoft’s Internet Explorer 6 was released in 2001 around the time Windows XP was originally released. As Microsoft had “won” the browser wars and were on top, they decided to pull their developers off Internet Explorer and stop developing IE entirely. The next version of Internet Explorer, IE 7, was released in 2006, over five years later. IE 7 and even IE 8, released 8 years later in 2009, were a fairly small improvements over IE 6.

For over five years, browser development for most web users had stagnated. This slow browser development created big opportunities for plug-in developers. Adobe’s Flash player expanded to include support for video playback as well as animations and other features. Microsoft developed Silverlight released it in 2007 to provide streaming media and animation support — it was basically Microsoft’s Flash competitor.

Other plug-ins were also created to fill holes in web browsers. The Unity plug-in provides 3D graphics support, the Google Voice and Video plug-in gives Google’s Hangouts and Talk services access to a system’s microphone and webcam, and so on.

Even in the early days before Internet Explorer 6 stagnated so badly, browser plug-ins were used to add features to web browsers that the browsers themselves just didn’t have. If you’ve been around the web long enough, you’ll remember going to a video playback page online and being presented with a choice of using Windows Media Player, QuickTime, or RealPlayer to play the video. These three incompatible plug-ins were all different ways of adding video playback to the web. There was no built-in way for browsers to play videos, nor was there a web-wide standard for video playback. We eventually standardized on Flash, and now we’re moving away from it.

Why Browser Plug-ins Are Bad

Browser plug-ins have proven to be a problem for the web. Here are some of the biggest problems with them:

Security: Browser plug-ins have proven to be more insecure than browsers themselves, and Flash and Java are some of the biggest attack vectors on the web. This is aggravated by the fact that everyone has the same Flash or Java plug-in, no matter what browser or operating system they use. This means that an attack on the plug-in should work across every browser and operating system.

No Sandboxing: Security problems are made worse because traditional browser plugins written using NPAPI (Netscape Plugin Application Programming Interface) or ActiveX aren’t sandboxed. They have complete access to the entire user account and its operating system permissions. A hole in the plug-in gives access to the entire operating system. Meanwhile, browsers render web pages in a sandbox, which is harder to escape. Chrome’s new Pepper API (PPAPI) sandboxes plug-ins, and the new version of Flash for Chrome uses this Pepper API instead of NPAPI.

Cross-Platform Problems: Plug-ins are created by a single vendor, which means there’s only a single implementation and it only runs on the vendor’s supported platforms. For example, let’s say you want to watch Netflix on Linux — you can’t do this in a supported way, because Microsoft doesn’t provide Silverlight for Linux. Or, let’s say you want to play some Flash games on your iPad — you can’t do this either, because Adobe Flash doesn’t run on iOS. In both cases, Linux developers or Apple developers can’t write their own support for Silverlight or Flash. It’s not an open standard like web standards are, where you can have multiple implementations implemented by different people.

Stability: Plug-ins have also been a leading cause of crashes, especially when their crashes brought down entire web browsers. Thankfully, due to Chrome’s sandboxing and Firefox’s plug-in isolation, crashing plug-ins only crash themselves nowadays. There’s no way for browser developers to fix these crashes; they have to rely on the plug-in’s developers to fix them. You can’t just switch to another version of the plug-in if one is crashing for you — there’s only one option.

Between security and the struggles to make plug-ins work well across different mobile and desktop platforms, it’s no wonder that plug-ins are falling out of favor. They’re also foreign objects to web browsers — they render content differently and can’t be integrated with web pages in the same way standard HTML code can.

What’s Replacing Browser Plug-ins

In the early days of the web, plug-ins allowed for features to be developed in parallel and compete — witness all the different video playback plug-ins. They also allowed third-parties to add new web page features when web browser development stagnated.

We’re now in a much healthier environment of rapid browser development and web standards. We have competition between a variety of web browsers and even Microsoft is making an attempt to adhere to web standards in a way they never did in the past.

Many of the features plug-ins implemented are now being introduced in the form of built-in browser features. Many of them are already implemented, while some are only still in development. Here’s what’s replacing the most popular plug-ins:

Flash: Flash is used for many different things, including video playback and animations. Flash is already being phased out for video playback by HTML5 video, as sites like YouTube are transparently using more HTML5 video instead of Flash. When it comes to animations, many new HTML5 features are filling in where Flash was once required.

Java: Java is already being phased out, as Java applets on web pages have proven to be insecure because the plug-in is the security equivalent of Swiss cheese. Java essentially provides a way of embedding entire programs on web pages, and this hasn’t worked out well.

Silverlight: Microsoft is ending development on Silverlight, which is only used for video playback on a few sites at the moment. Netflix, the biggest user of Silverlight, is moving to HTML5 video playback.

Unity 3D: The Unity 3D plug-in allows for 3D games to be embedded on web pages. 3D graphics on web pages are now possible without any plug-ins thanks to WebGL.

Google Voice and Video: The Google Voice and Video plug-in is still required for Hangouts and Google Talk calls. It will be replaced by the WebRTC standard for plug-in free real-time audio and video communication.

With plug-in features being rolled into browsers themselves, we’ll end up with a more secure, powerful web. Plug-ins are still necessary for the moment, but they’re on their way out. They were very useful at one time, but we’re moving beyond them.

The Flash plug-in will be with us for a while longer as it’s still in such wide use, but all other plug-ins are on the brink of irrelevance. Even Flash is becoming less and less relevant thanks to mobile platforms without Flash support. This is fine by most plug-in developers — Adobe has developed tools that export to HTML5 instead of Flash, Oracle probably wants the extremely insecure Java plug-in to go away and stop sullying their security record, and Microsoft is no longer interested in pushing Silverlight as a Flash competitor.

I can't see this more than just a generalization. While the average person would use a stock browser, I use firefox, for noscript, downloadhelper, DoNotTrackMe and a couple web development plugins. Options is power.

What I do see is the slow death of power user software through the influx of "tablet mentality" simplified software - basic example - try setting up proxy or a custom proxy.pac on a tablet browser.

Instead of watching online I prefer to download Youtube (and similars) videos to watch then later streaming from my PC to my HDTV, sitting in my couch. Even that is posible to download HTML5 videos, they comes with ogg audio track. That is not compatible with dlna devices (e.g. Samsung, LG, etc). Therefore, without Flash, it will become difficult to see videos offline with my current TV. I know that is possible to reencode the audio track, but it is tedious.

g from my PC to my HDTV, sitting in my couch. Even that is posible to download HTML5 videos, they comes with ogg audio track. That is not compatible with dlna devices (e.g. Samsung, LG, etc). Therefore, without Flash, it will become difficult to see videos offline with my current TV. I know that is possible to reencode the audio track, but it is tedious.

I do the same. sometimes I flip through tagging videos I'd like to watch downloading them, and load it on my phone/tablet or just drop it in a shared folder to playback on the TV. I'm curious how much more efficient it is - how much battery like a portable device will have compared to playing the video in browser...

Perhaps you can use handbrake to convert the video's audio format? Save a profile to make it easier? I get around it by having a little PC hooked up to my TV, so i don't have to rely on the limitations of the TV. You can also use an android stick (they're like $40 for a dual core rk3066) or a device like micca speck that take sd/usb and plays pretty much video type.

Thanks for the suggestions, beomagi. I will give a look to those tools you mention. By the way, I use my HDTV with the shared/streaming method. My phone is a piece of crap XD. My problem with playing videos in the browser is the buffering/lag/stuttering, specially if they are in HighRes (720-1080). Besides that, my couch is more comfortable than my chair and my TV is bigger than my computer screen, hehe. While it is true that with my TV I can browse in Youtube, it's awful to use the onscreen keyboard and there is still the buffering/lag/stuttering problem.

It will let you download youtube videos in a variety of quality levels directly on your phone. Playing directly with mx-player is way way lighter. My LG Motion plays back 1080p video fine there. In a browser I wouldn't dream of it.

My TV is completely dumb - so, I use a PC and wireless keyboard. If I were doing it today, I'd use something like a "sanoxy mk808" (can't post links - search on amazon)Which would give me a basic android experience, complete video players that handle most of what I'd want.

My first DLNA device, an LG BD Player, came with Nero Media Home 4 Essentials. Later I bought my LG 'smart' TV and I have continued using NMH4E. The emphasis is in 'essentials' without transcoding and only basic security options. It allows to share folders and you can 'remote' play (stream) media files into compatible devices. Sometimes I have issues with the subtitles but it works for me (restarting solves it). I just installed Serviio to give it a try although I don't like the fact that it requires Java. It's free and at first glance, it has the simplicity of NMH4E plus transcoding capabilities and options for the subtitles (can be burned-in onto the video stream). There is the complete NMH (no 'essentials') for free but I don't like it because it's complicated, scans all my folders without asking and adds to its 'libraries' all the media files it finds (including the 'private' folders). I am proficient enough for organizing my files and classifying them in folders. I don't want a sniffing program that 'categorizes' and shares all my files. Worse, it shows thumbnails of every file, even the 'embarrassing' ones.

Tronsmart looks handy. I could use it for the 'dumbs' TVs in the living room & the kitchen. I kept the big 'smart' TV for my room because I am the boss, hehe

I can't wait for a few of the plugins to disappear and be replaced by HTML5. The only reason that I had to install Windows XP (within VirtualBox) on my Linux computer was to be able to use the full functionality of a certain website (that I use very day) that uses Adobe Flash Player.

GEEK TRIVIA

DID YOU KNOW?

Between 1949 and early 1952 The White House was completely renovated from the inside out; the entire internal structure was removed and for a period of time the building was simply a shell supported by steel beams.